couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Noah Slater <nsla...@apache.org>
Subject Re: Proposal for digital signatures of documents
Date Sun, 08 Mar 2009 21:25:41 GMT
On Sun, Mar 08, 2009 at 10:40:57AM -0700, Jens Alfke wrote:
> Yes, that's why I sent this to user@ instead of dev@. :)

Sure.

> SSL connections are valuable for privacy, but in a message-passing
> system they don't do anything for authentication of content. As an
> analogy: you probably use an SSL connection to receive your email from a
> trusted mail server. But somehow you still get spam with forged headers.
> The solution to this is S/MIME, which involves signing the messages.

It's not as clear cut as that.

SSL client/server certificates can be used to verify identity.

> Conversely, if the messages are signed, it saves you from having to
> trust the messenger. This is really convenient, as you can make use of
> any reachable nearby node to help relay messages, even if it's a nearby
> stranger's laptop at the café. (You can trust your snail mail because the
> envelopes are sealed, even though you don't know your mailman.)

... but sure.

-- 
Noah Slater, http://tumbolia.org/nslater

Mime
View raw message